TinyURL Phishing Increases in Popularity

TinyURL Phishing Increases in Popularity

Saturday, March 14, 2009 - by Michael Santo
TinyURL is a popular URL shortening service which is frequently used to reduce the length of a URL to something more manageable. Security firm Trend Micro has warned that TinyURL phishing, first reported in February, is becoming more popular and spreading across different languages.

An example of tinyURL use would be perhaps a Mapquest link to the San Francisco Botanical Garden in Golden Gate Park, which can be shortened to http://tinyurl.com/aaqgln instead of http://www.mapquest.com/maps?address=1199+9th+Avenue+San+Francisco%2C+Ca+94122.

In a phishing scenario, this makes it difficult to mouse over a link to see exactly where it's going. It's also being used in instant messages from your "friends" as well as email.

We've discussed how to avoid phishing schemes before, and much of avoidance relies on recognizing the domain name in the URL as being invalid. Of course, I doubt you would go to E-Trade's site through a TinyURL, but perhaps not.

Naturally, Trend Micro's products purportedly protect against much of this (probably by scanning the TinyURL and expanding it. But if you use something else for security, you can also try the following:
  • URL lengthening tools such as this Firefox extension. Once again, Chrome is super-fast, but unless I can get all the Firefox extensions I love on Chrome, I'm staying put.
  • Finally, you can turn TinyURL preview on permanently in your browser. Go to http://tinyurl.com/preview.php, and click on the link that says "Click here to enable previews." You can similarly disable it later by going to the same page. You will have to do this for each browser you use if you use multiple browsers.


Good luck.
Via: TrendLabs | News Archive | Tags: Malware, Phishing, Viruses, Trojans
Login or Register to Comment

Comments

By 3vi1 on Mar 14, 2009

I'm really surprised this didn't catch on before.  I get tremendously suspicious when I see a TinyURL link, as I've never seen one that wasn't a rickroll or goatse link.

Note to self:  Stop following links in Slashdot articles.

By shanewu on Mar 15, 2009

I agree 3vi1. I'm surprised it took so long for this to become an issue. I've been suspicious of tinyurls and the like for a long time.

The preview tip is very nice though...thanks for sharing that.

By SuperRob on Mar 15, 2009

aww, great, just what we need... a site like tinyurl tries to provide a service that everyone can use and people have to go and abuse it. It's a good thing that trend micro is raising this sort of issue though.

I do agree with 3vi1 though, some of the links they provide do give some rickrolls.

By tanka12345 on Mar 15, 2009

I agree with everyone. I use tinyurl regularly but this never crossed my mind.

By digitaldd on Mar 16, 2009

New tagline: Tinyurl, Shorterlink, etc they're not just for goatse anymore..  <vbg>

By ice91785 on Mar 16, 2009

I tend to like to workout my fingers normally so typing: www.longurl.com/agjak@#%!fjdkfja.httsla.lsdkfjlk499k???//.html is fine :) Screw doing things the easy way...it just goes to show, if you take shortcuts you will run into problems :)

Post a Comment